Hybrid Cloud: Flexible Architecture for the Future of Financial Services
November 3, 2022 | Updated: March 21, 2023
Financial services companies are reimagining how they apply technology to meet the growing service demands of a digital-first world. As they recognize the operational and competitive advantages of the public cloud, many companies are migrating their computing needs to it as quickly as possible.
For an industry with tight regulations, a vast amount of private data, and complex legacy infrastructure, however, moving every workload to the cloud isn’t feasible just yet. Instead, some companies are moving to hybrid cloud, an architecture that enables them to use the public cloud wherever possible, while keeping those applications and data with tricky legal or reputational exposure on in-house systems.
In this article, we’ll examine advantages of a hybrid cloud approach and outline steps to consider when preparing for such a shift.
Hybrid cloud integrates public cloud and on-premises infrastructure into a single functioning unit. Through the public cloud, institutions gain valuable versatility, agility, and scale to run applications more efficiently and to turbo-charge experimentation. They can use existing infrastructure to handle sensitive workloads — including those storing Personally Identifiable Information (PII) — within a familiar, time-tested environment.
Deciding where to host applications is usually a function of a workload’s data secrecy and sovereignty requirements and an institution’s assessment of risks and opportunities related to them. Developing the technical flexibility to move between public and private infrastructures makes it easier to match those requirements to the environment best suited to fulfill them.
Advantages to hybrid cloud
A hybrid cloud approach offers many advantages. For example, institutions can use public cloud infrastructure for tasks with dynamic resource requirements, such as payments processing over holidays or risk calculations for end-of-month reporting. This setup can reduce the delays, data center overhead, and sunk costs associated with adding in-house servers, some of which may ultimately be used situationally or not at all. Companies also save on capital expenses and improve responsiveness to internal and external demands.
A hybrid cloud setup can also help organizations address compliance, resilience, and performance needs. Those operating in multiple countries can use in-house and public cloud resources across different regions to satisfy disparate requirements around data sovereignty and residency. This geographic and infrastructure diversity can also enhance a company’s failover and disaster recovery profile. By co-locating applications in public cloud regions near customers, institutions can also improve service performance — an important factor as the industry moves toward mobile-first solutions.
As institutions pursue more efficient ways to work, the insight gained through planning and executing a hybrid cloud strategy can help inform and transform an organization’s operations. Institutions can begin the shift to the continuous cadence of DevOps, DevSecOps, and MLOps teams by incorporating public cloud tools and methods. This approach includes using process automation and orchestration tools to streamline delivery and maintenance, and management applications to free up in-house IT resources from undifferentiated work.
The following section describes other ways a hybrid approach can encourage changes to institutional conventions.
Although fixed infrastructure costs and investments can limit an organization’s flexibility, most companies still budget for fixed costs and may find the usage-based billing of public cloud services unnerving. Making the shift from the transparency and stability of capital expenses for on-premises infrastructure to the unpredictability of operating expenses in public-cloud procurement requires an organizational adjustment. Vendors do offer cost-management tools to help budget for and accommodate these changes. Hybrid cloud can help ease this transition as the organization moves into an infrastructure-as-a-service model.
Expanding a security mindset
The financial services sector is a high-target industry for cyberattacks. Data loss and leakage are also significant concerns. Organizations, therefore, often struggle to transfer any control over security and system integrity to a third party, and disparate regulations increase those hurdles.
Sometimes, though, organizations overestimate the effectiveness of their in-house security teams and underestimate the security capabilities of the largest cloud providers who, like banks, are charged with deflecting the most sophisticated attacks all day, every day.
Cloud services providers and other third-party vendors invest heavily in security research and resources. They regularly certify to the highest compliance standards. They’re also constantly developing new solutions to help institutions bridge gaps in their homegrown security measures and team capabilities. The result is that the security capabilities of the public cloud providers are often more advanced than those of in-house teams.
Simplifying infrastructure complexity
The largest financial institutions with the greatest global coverage face the biggest challenges in building a hybrid architecture. What’s more, sunk investments in on-premises infrastructure can make it cost- and ROI-prohibitive to shift workloads to the public cloud. An architecture that can support a hybrid of public cloud, on-premises cloud, and bare-metal deployments offers a flexible solution to address this complexity.
Preparing for the shift
As with any big shift in technology, the move to hybrid presents a set of challenges that are as much cultural and operational as they are technical. Preparation for a hybrid cloud project, therefore, must include organizational readiness assessments across functions. It must take into consideration not just the technical, business, and monetary impact but also the legacy mindset and organizational rituals that can jeopardize the best-laid technology strategies. In pursuing a hybrid cloud strategy, institutions can begin to modernize outdated operating principles as they transform their approach to technology.
Given the high uptake within the industry, the steps to adopt a public cloud-only model are well-documented. In a hybrid cloud approach, however, lack of expertise in integrating public and private cloud technologies is a frequent challenge. This, coupled with staff who may be reluctant to adopt unfamiliar technology, can create resistance among technology teams. Early successes with high management attention can create excitement; for a wider adoption, strong central platform support through the infrastructure team, as well as training and transparency, can help staff get on board.
Other effective ways for an organization to prepare for a hybrid cloud future include setting clear business and technical goals, creating inventories of data and applications, and evaluating how customers might react to changes in responsiveness and security brought about by the switch to hybrid. Assessing in-house skills and managing transformation anxiety of existing technical staff are also crucial to team preparedness.
The following steps can help financial institutions prepare for a hybrid approach.
- Know your company and your customer
- Set goals: Companies that articulate clear goals for their hybrid strategy are more likely to achieve them. These goals might include gains in operating efficiency, more flexible development, cost savings, speed of innovation, IT resiliency, or regulatory flexibility.
- Evaluate your customer profiles: Retail and institutional customers require different services and protections from their financial institutions. An understanding of these needs and concerns should inform any analysis of the potential for a hybrid cloud implementation. The storage of PII, for example, demands special consideration.
- Profile your assets: Financial institutions house data and applications that perform business functions. Understanding these in a regulatory context, from a commercial perspective and through a technical lens, will influence decisions about how best to optimize them in a hybrid cloud environment.
- Blend private and public cloud: To decrease effort, organizations should reduce differences between the two deployment methods. This aim is crucial for a successful adoption. Initiatives that require teams to manually request assets on the private cloud usually fail.
- Engage stakeholders: An effective hybrid cloud strategy engages functions across the enterprise. It incorporates business, legal, IT, and security priorities into a comprehensive plan. Engaging compliance officers and security professionals early on is critical, as compliance and system safeguards must be woven into the DNA of any hybrid cloud plan from the outset..
- Assess skills and educate the team: At the start of a journey to hybrid cloud, organizations often lack the expertise and mindset to confidently shift to a new model. Simply understanding the myriad services offered by public cloud providers can be daunting. Combining public and private clouds in a hybrid setup requires another whole level of up-skilling. Evaluating in-house teams to determine education and training needs is essential for the new paradigm.
- Foster transparency: In any effective cloud strategy, transparency across the organization is crucial to gaining buy-in, just as education is crucial to building skills. A cloud adoption team can ensure that the training and cultural needs of the organization are met alongside financial, customer, and business imperatives. Engaging your cloud provider(s) in this process can help.
- Start small: Small proofs of concept build confidence and allow teams to expand incrementally on the back of those successes..
- Manage risk: Start with a low-risk approach. For example, organizations may choose to move workloads that are highly dynamic and less sensitive first. These might include some customer-facing apps that contain little PII. Institutions often start with retail applications, while still running their institutional-focused applications within their on-premises data centers. This approach may change over time as they become more comfortable with public cloud security and managing a hybrid environment.
Moving to hybrid
Financial services institutions are already adapting to greater demands for innovation and efficiency by designing responsive IT environments and taking advantage of the public cloud — and often, hybrid cloud is a crucial part of that pathway.
A hybrid cloud strategy is a great solution to help organizations to meet their technical and business objectives more cost-efficiently and effectively than with either a public or private cloud alone. A hybrid cloud approach offers the flexibility that institutions need to meet rapidly changing customer demands as well as competition from a new wave of challengers. As best practices become clear and more implementation lessons emerge, the industry will further embrace hybrid cloud as an important step in an evolution to a fully managed multi-cloud solution.
Finding the right partners, of course, is crucial. Experienced teams and the best technical solutions greatly increase the odds of executing a successful hybrid strategy. The team at MongoDB offers solutions and advice to help financial institutions progress toward a more functional, flexible, and future-forward enterprise technology platform.
To learn more about how MongoDB can help you on your cloud adoption journey, check out the following resources: